Teddy Bear Virus Hoax - jdbgmgr.exe

Outline

Email warns that a file on your computer called jdbgmgr.exe is a virus and provides instructions on how to delete jdbgmgr.exe (Full commentary below).

Brief Analysis

False (jdbgmgr.exe is not a virus)

Example

SORRY - but as you're on my address list this virus has probably
forwarded itself on to you.

It is easily removed if you don't open the file (jdbgmgr.exe) It has a
teddy bear icon and is not detectable by norton or mcafee.

First go to Start then the find or search option. In the files or
folders option type jdbgmgr.exe. Search C drive and tick the 'include
subfolders' and any other drives you may have. Click 'find now' - the
virus has a grey teddy icon. DO NOT OPEN IT. Go to edit (on the menu bar)
and 'select all'. Now go to file (on the menu bar) and DELETE. This will
send it to the recycle bin so then go and delet or empty it there as well.

If you find the virus (as I did!) you must contact everyone in your
address book and send them these instructions. ASAP.

Detailed Analysis

The so-called "Teddy Bear" virus hoax is not one of the latest email hoaxes but, as email hoaxes go, this one is proving to be quite resilient. It regularly pops up on forums and news groups and still finds its way to my inbox. Unfortunately, this one is a little more harmful than your average email hoax in that it can trick unwary computer users into deleting "jdbgmgr.exe", a legitimate Windows file. One of the reasons that this email hoax has been so successfully is that the file in question (jdbgmgr.exe) really does have a cute little teddy bear icon. Such an icon may look out of place for a Windows file, so people are perhaps that little bit more willing to believe the warning in the email. Of course, if nothing else, the teddy bear icon proves that computer programmers actually do have a sense of humor (grin).

Teddy bear icon for jdbgmgr.exe

Luckily, deleting jdbgmgr.exe will not cause problems for the average end user. The file is the Microsoft Debugger Registrar for Java, which is used only by Microsoft Visual J++ 1.1 developers. However, email hoaxes like this and the sulfnbk.exe email hoax set up a dangerous precedent. Given the amount of computer users that have already deleted "jdbgmgr.exe", an email hoax that advised people to delete a crucial Windows file could cause as much damage as a real virus.

An important rule of thumb here is to never delete a file on the strength of a forwarded email message alone. Always check the veracity of an email-borne virus warning by checking a legitimate Anti-Virus site even if the warning was sent to you by Uncle Boris who "knows all about computers".

I received this message below and DID have the jdbgm virus file in my
C drive, I followed the instructions below and deleted it. I suggest
you also check by following the instructions below. Kindest regards,
[Removed]

To all parties in our address book:

We received this message from someone else today...

On January 15th or there about we received a virus that automatically
is past through e-mail address books. We found it in our c-drive.
Since you are in our address book, you will probably find it in your
computer too. The virus called jdbe.exe is not detected by Norton or
McAfee anti-virus systems. The virus sits quietly for 14 days before
damaging the system. It is sent automatically by "messenger" and by
address book whether or not you sent e-mail to your contacts. Here is
how to check for the virus and how to get rid of it.

PLEASE DO THE FOLLOWING ASAP:

1 Go to the Start, then click your "find" or "search" option.
2. In the folder option, type the name jdbgm
3. Be sure to search your C drive (this is where I found it) and all
the sub folders and other drives you may have
4. Click "find now"
5. the virus has a teddy bear icon! with the name jdbgmgr.exe. DO NOT
OPEN IT!
6. Go to Edit (on the menu bar) and choose "select all" to highlight
the file without opening it.
7. Now go to the File (on your menu bar) and select delete. The virus
will then go to the recycle bin.
*** If you find the virus, you must contact all the people in your
address book so that they may eradicate the virus from their own
address books
To do this:
1. Open a new e-mail message
2. Click the icon address book (contacts) next to "To"
3. Highlight every name and add to "BCC"
4. Copy the message and paste to e-mail
SORRY ABOUT THIS